scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-03 19:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #99862 from jsturtevant/windows-gmsa-full-fix

Browse Source 
[Test] [sig-windows] Make sure the GMSA output doesn't have failures when resolving the domain
This commit is contained in:
Kubernetes Prow Robot
2021-03-09 16:08:16 -08:00
committed by GitHub
parent d62a9b2179 94a5efcd12
commit e57e476153
1 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
test/e2e/windows/gmsa_full.go
View File

@@ -77,6 +77,12 @@ const (
// gmsaWebhookDeployScriptURL is the URL of the deploy script for the GMSA webook
// TODO(wk8): we should pin versions.
gmsaWebhookDeployScriptURL = "https://raw.githubusercontent.com/kubernetes-sigs/windows-gmsa/master/admission-webhook/deploy/deploy-gmsa-webhook.sh"
// output from the nltest /query command should have this in it
expectedQueryOutput = "The command completed successfully"
// The name of the expected domain
gmsaDomain = "k8sgmsa.lan"
)
var _ = SIGDescribe("[Feature:Windows] GMSA Full [Serial] [Slow]", func() {
@@ -140,17 +146,34 @@ var _ = SIGDescribe("[Feature:Windows] GMSA Full [Serial] [Slow]", func() {
var output string
gomega.Eventually(func() bool {
output, err = runKubectlExecInNamespace(f.Namespace.Name, podName, "nltest", "/QUERY")
return err == nil
}, 1*time.Minute, 1*time.Second).Should(gomega.BeTrue())
expectedSubstr := "The command completed successfully"
if !strings.Contains(output, expectedSubstr) {
framework.Failf("Expected %q to contain %q", output, expectedSubstr)
if err != nil {
framework.Logf("unable to run command in container via exec: %s", err)
return false
}
if !isValidOutput(output) {
// try repairing the secure channel by running reset command
// https://kubernetes.io/docs/tasks/configure-pod-container/configure-gmsa/#troubleshooting
output, err = runKubectlExecInNamespace(f.Namespace.Name, podName, "nltest", fmt.Sprintf("/sc_reset:%s", gmsaDomain))
if err != nil {
framework.Logf("unable to run command in container via exec: %s", err)
return false
}
framework.Logf("failed to connect to domain; tried resetting the domain, output:\n%s", string(output))
return false
}
return true
}, 1*time.Minute, 1*time.Second).Should(gomega.BeTrue())
})
})
})
func isValidOutput(output string) bool {
return strings.Contains(output, expectedQueryOutput) &&
!strings.Contains(output, "ERROR_NO_LOGON_SERVERS") &&
!strings.Contains(output, "RPC_S_SERVER_UNAVAILABLE")
}
// findPreconfiguredGmsaNode finds node with the gmsaFullNodeLabel label on it.
func findPreconfiguredGmsaNodes(c clientset.Interface) []v1.Node {
nodeOpts := metav1.ListOptions{